//package com.example.cleverz.service.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.authentication.ReactiveAuthenticationManager;
//import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
//import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
//import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
//import org.springframework.security.core.userdetails.User;
//import org.springframework.security.crypto.factory.PasswordEncoderFactories;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
//import org.springframework.security.oauth2.client.registration.ClientRegistration;
//import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
//import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
//import org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository;
//import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
//import org.springframework.security.oauth2.core.AuthorizationGrantType;
//import org.springframework.security.web.server.SecurityWebFilterChain;
//import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
//import org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter;
//import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher;
//import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
//
//import java.util.Arrays;
//
//@Configuration
//@EnableWebFluxSecurity
//public class AuthConfig {
//
//    // TODO 执行完所有认证操作后返回UsernamePasswordAuthenticationToken的token认证对象.但是oauth2Login的拦截器却要oauth认证token.强制类型转换的时候就会报错.
//    // TODO 登录时会重现这个问题
//
//    @Bean
//    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
//
//        // 全部拦截
//        http.authorizeExchange().anyExchange().authenticated();
//
//        // 关闭csrf效验拦截器
//        http.csrf().disable();
//
//        http.formLogin();
//
//        // oauth2认证登录
////        http.oauth2Login(
////                oAuth2LoginSpec -> oAuth2LoginSpec
////                        // 匹配器,拦截或放行
////                        .authenticationMatcher(matcher())
////                        // 转换器
////                        .authenticationConverter(converter())
////                        // 认证管理
////                        .authenticationManager(manager())
////                        // client认证仓库
////                        .authorizedClientRepository(authorizedClients())
////                        // client注册仓库
////                        .clientRegistrationRepository(clientRegistrations())
////        );
//
//        http.addFilterAt((exchange, chain) -> {
//            chain.filter()
//        }, SecurityWebFiltersOrder.AUTHORIZATION)
//
//
//        return http.build();
//    }
//
//    private ServerWebExchangeMatcher matcher() {
//        System.out.println("Load matcher");
//        return new PathPatternParserServerWebExchangeMatcher("/test/token");
//    }
//
//
//    @Bean
//    public MapReactiveUserDetailsService userDetailsService() {
//        System.out.println("Load user details service");
//        PasswordEncoder delegatingPasswordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
//
//        return new MapReactiveUserDetailsService(Arrays.asList(
//                User.builder().username("admin").password("123456").roles("sup", "admin", "user").passwordEncoder(delegatingPasswordEncoder::encode).build(),
//                User.builder().username("user").password("123456").roles("user").passwordEncoder(delegatingPasswordEncoder::encode).build(),
//                User.builder().username("vip").password("123456").roles("sup", "user").passwordEncoder(delegatingPasswordEncoder::encode).build(),
//                User.builder().username("cleverz").password("123456").roles("sup", "admin", "user", "root").passwordEncoder(delegatingPasswordEncoder::encode).build()
//        ));
//    }
//
//    private ReactiveClientRegistrationRepository clientRegistrations() {
//        System.out.println("Load client Registration Repository");
//        return new InMemoryReactiveClientRegistrationRepository(Arrays.asList(
//                ClientRegistration.withRegistrationId("web")
//                        .clientId("web")
//                        .clientName("web")
//                        .clientSecret("123456")
//                        .tokenUri("/user/token_1")
//                        .authorizationGrantType(AuthorizationGrantType.PASSWORD)
//                        .build(),
//                ClientRegistration.withRegistrationId("app")
//                        .clientId("app")
//                        .clientName("app")
//                        .clientSecret("123456")
//                        .tokenUri("/user/token_2")
//                        .authorizationGrantType(AuthorizationGrantType.PASSWORD)
//                        .build(),
//                ClientRegistration.withRegistrationId("applet")
//                        .clientId("applet")
//                        .clientName("applet")
//                        .clientSecret("123456")
//                        .tokenUri("/user/token_3")
//                        .authorizationGrantType(AuthorizationGrantType.PASSWORD)
//                        .build()
//        ));
//    }
//
//    private ServerOAuth2AuthorizedClientRepository authorizedClients() {
//        System.out.println("Load client repository");
//        // 官方自带的获取和校验client端认证信息的client仓库
//        return new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrations()));
//    }
//
//    private ServerAuthenticationConverter converter() {
//        System.out.println("Load converter");
//        // 官方自带的获取表单信息的转换器
//        return new ServerFormLoginAuthenticationConverter();
//    }
//
//    private ReactiveAuthenticationManager manager() {
//        System.out.println("Load manager");
//        // 官方自带的校验和封装用户认证信息的认证管理器
//        return new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService());
//    }
//
//}
